SSH(1)                                                     SSH(1)

     NAME
          ssh - secure shell remote login client

     SYNOPSIS
          ssh [ -drRX ] [ -t thumbfile ] [ -T tries ] [ -u user ] [ -h
          ] [ user@]host [ -W remote!port ] [ cmd args ... ]

     DESCRIPTION
          Ssh starts a remote shell or cmd on the computer host logged
          in as user. The input file descriptor is forwarded to the
          remote side and output and error descriptors are forwarded
          to the local side.

          The connection is authenticated and encrypted using the SSH2
          protocol. The user authenticates itself to the host using
          his RSA key pair (stored in factotum) or plaintext  pass-
          words. To authenticate the host to the user, the hosts RSA
          public key is hashed and compared to the entries in
          $home/lib/sshthumbs file (see thumbprint(6)). The thumbfile
          location can be changed with the -t option.

          When cmd is specified, it is concatenated with the list of
          quoted args and run on the remote side. No pseudo terminal
          will be requested.  A cmd beginning with # is interpreted as
          a subsystem name such as sftp (see sshfs(4)).

          Without cmd, a shell is started on the remote side.  In that
          case and when the $TERM environment variable is set (such as
          when started under a terminal emulator like vt(1)), a pseudo
          terminal will be requested for the shell.  This can be dis-
          abled with the -R flag.  A pseudo-terminal can be requested
          in all cases with the -r flag.

          With the -W option, instead of executing a command remotely,
          makes the server dial a tcp connection to remote!port which
          the client relays on standard input and output.  For han-
          dling multiple connections transparently to programs, see
          sshnet(4).

          The -d flag enables debug output.

          The -X flag enables mux mode, which after establishing the
          tunnel, relays the plaintext SSH protocol messages on file-
          descriptor 0 and 1.  This is used by programs such as
          sshnet(4) and sshfs(4).

     FILES
          $home/lib/sshthumbs  the user's thumbfile of known host fin-
                               gerprints

     Page 1                       Plan 9             (printed 3/28/24)

     SSH(1)                                                     SSH(1)

     SOURCE
          /sys/src/cmd/ssh.c

     BUGS
          If keyboard-interactive authentication fails, by default it
          is retried three times.  The number of tries can be changed
          with -T.  Setting it to zero disables keyboard-interactive
          authentication.

     SEE ALSO
          vt(1), rsa(8), thumbprint(6), factotum(4), sshfs(4),
          sshnet(4)

     Page 2                       Plan 9             (printed 3/28/24)